7.5
CVSSv3

CVE-2018-11712

Published: 04/06/2018 Updated: 21/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

webkitgtk webkitgtk\\+ 2.20.1

webkitgtk webkitgtk\\+ 2.20.0

Vendor Advisories

WebCore/platform/network/soup/SocketStreamHandleImplSoupcpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2200 and 2201, failed to perform TLS certificate verification for WebSocket connections ...
Oracle Solaris Third Party Bulletin - October 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critic ...

Mailing Lists

------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005 ------------------------------------------------------------------------ Date reported : June 13, 2018 Advisory ID : WSA-2018-0005 CVE identifiers : CVE-2018-4190, CVE-2018 ...